Note: This is an archival copy of Security Sun Alert 200813 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000612.1.

Sun Linux 5.0 ships with Lynx, a popular text-based Web browser for Unix systems. Lynx versions 2.8.4 and below fail to remove certain character combinations from URL requests. A remote unprivileged user could add CRLF (carriage return, line feed) combinations to a URL request entered on the Lynx command line or in the WWW_HOME environment variable to cause fake HTTP headers to be sent. This could result in local users who are using Lynx being redirected to the wrong Web server.
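
The following C sketch is an added example, not Lynx's code or the vendor's fix. It shows the general mitigation for this class of bug: percent-encoding CR, LF and other control bytes in a URL before it is written to the HTTP request line. The function names, the host `www.example.com` and the `X-Constructed` header are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Percent-encode control bytes (CR, LF included), space and DEL so a URL
 * cannot end the request line early. Returns 0, or -1 if out is too small. */
int encode_request_target(const char *in, char *out, size_t outlen)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t o = 0;
    if (outlen == 0) return -1;
    for (; *in; in++) {
        unsigned char c = (unsigned char)*in;
        if (c <= 0x20 || c == 0x7f) {
            if (o + 3 >= outlen) return -1;
            out[o++] = '%';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
        } else {
            if (o + 1 >= outlen) return -1;
            out[o++] = (char)c;
        }
    }
    out[o] = '\0';
    return 0;
}

/* Build a minimal HTTP/1.0 request. Returns its length, or -1 on truncation. */
int build_request(const char *target, const char *host, char *buf, size_t len)
{
    int n = snprintf(buf, len, "GET %s HTTP/1.0\r\nHost: %s\r\n\r\n", target, host);
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

/* Count the CRLF-terminated lines before the blank line ending the headers. */
int count_header_lines(const char *req)
{
    int lines = 0;
    for (const char *eol; (eol = strstr(req, "\r\n")) && eol != req; req = eol + 2)
        lines++;
    return lines;
}

int main(void)
{
    char enc[128], req[256];
    const char *url = "/a\r\nX-Constructed: 1";   /* constructed sample input */
    if (encode_request_target(url, enc, sizeof enc) == 0 &&
        build_request(enc, "www.example.com", req, sizeof req) > 0)
        printf("%d header lines\n", count_header_lines(req));
    return 0;
}
```

A request built from the raw sample URL has three lines before the blank line, while the encoded form has the expected two (request line and Host).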